BinSkim is a checker that examines Portable Executable (PE) files and their associated Program Database File Formats (PDB) to identify various security problems. These include:
* Use of Outdated Compiler Tool Sets – Binaries should be compiled against the most recent compiler tool sets wherever possible to maximize the use of current compiler-level and OS-provided security mitigations.
* Insecure Compilation Settings – Binaries should be compiled with the most secure settings possible to enable OS-provided security mitigations, maximize compiler errors and actionable warnings reporting, among other things.
* Signing issues – Signed binaries should be signed with cryptographically-strong algorithms.
Clik here to view.
BinSkim v1.5.0
Dependencies:
+ Visual Studio
Usage and Download:
git clone https://github.com/Microsoft/binskim && cd binskim cd src right click binskim.sln file into Visual Studio build solution binskim analyze *.exe *.dll –recurse
Source: https://github.com/Microsoft
